Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

ID Title
CVE-2025-69720 Vulnerability in c (CVE-2025-69720)
vulnerability in c (CVE-2025-69720). Confidential information can be exposed externally.
CVE-2026-20131 KEV [KEV] Unsafe Deserialization in Cisco secure-firewall-management-center-fmc (CVE-2026-20131)
vulnerability in Cisco secure-firewall-management-center-fmc (CVE-2026-20131). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2026-26740 Out-of-Bounds Write in dos (CVE-2026-26740)
out-of-bounds write in dos (CVE-2026-26740). Risk of unauthorized operations or information disclosure.
CVE-2026-27135 Vulnerability in c (CVE-2026-27135)
vulnerability in c (CVE-2026-27135). Risk of unauthorized operations or information disclosure. Exploitable via ``nghttp2_session_terminate_session``.
CVE-2026-23270 Vulnerability in Kernel (CVE-2026-23270)
vulnerability in Kernel (CVE-2026-23270). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `6.1.167, 6.6.130, 6.12.77, 6.18.18, 6.19.8` or later.
CVE-2026-23253 Vulnerability in Kernel (CVE-2026-23253)
vulnerability in Kernel (CVE-2026-23253). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `6.1.167, 6.6.130, 6.12.77, 6.18.17, 6.19.7` or later.
CVE-2026-23269 Out-of-Bounds Read in Kernel (CVE-2026-23269)
vulnerability in Kernel (CVE-2026-23269). Confidential information can be exposed externally. Mitigation: upgrade to `6.6.130, 6.12.77, 6.18.18, 6.19.8` or later.
CVE-2026-23268 Vulnerability in Kernel (CVE-2026-23268)
vulnerability in Kernel (CVE-2026-23268). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `6.6.130, 6.12.77, 6.18.18, 6.19.8` or later.
CVE-2026-33001 Vulnerability in org.jenkins-ci.main:jenkins-core (CVE-2026-33001)
vulnerability in org.jenkins-ci.main:jenkins-core (CVE-2026-33001). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2.555` or later.
CVE-2026-24063 Vulnerability in privilege-escalation (CVE-2026-24063)
vulnerability in privilege-escalation (CVE-2026-24063). Successful exploitation can lead to full system takeover.
CVE-2026-24062 Vulnerability in privilege-escalation (CVE-2026-24062)
vulnerability in privilege-escalation (CVE-2026-24062). Successful exploitation can lead to full system takeover.
CVE-2026-23244 Out-of-Bounds Read in c (CVE-2026-23244)
vulnerability in c (CVE-2026-23244). Confidential information can be exposed externally.
CVE-2026-23248 Use-After-Free in linux (CVE-2026-23248)
vulnerability in linux (CVE-2026-23248). Successful exploitation can lead to full system takeover.
CVE-2026-23245 Vulnerability in Kernel (CVE-2026-23245)
vulnerability in Kernel (CVE-2026-23245). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `6.1.167, 6.6.130, 6.12.78, 6.18.18, 6.19.8` or later.
CVE-2026-23246 Vulnerability in Kernel (CVE-2026-23246)
vulnerability in Kernel (CVE-2026-23246). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `6.6.130, 6.12.77, 6.18.17, 6.19.7` or later.
CVE-2026-23242 Vulnerability in linux (CVE-2026-23242)
vulnerability in linux (CVE-2026-23242). Risk of unauthorized operations or information disclosure.
CVE-2026-23243 Out-of-Bounds Write in Kernel (CVE-2026-23243)
out-of-bounds write in Kernel (CVE-2026-23243). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `5.10.252, 5.15.202, 6.1.165, 6.6.128, 6.12.75, 6.18.14, 6.19.4` or later.
CVE-2026-31898 Vulnerability in parall (CVE-2026-31898)
vulnerability in parall (CVE-2026-31898). Confidential information can be exposed externally. Exploitable via ``createAnnotation``.
CVE-2026-2603 Vulnerability in org.keycloak:keycloak-services (CVE-2026-2603)
vulnerability in org.keycloak:keycloak-services (CVE-2026-2603). Confidential information can be exposed externally. Mitigation: upgrade to `26.5.5` or later.
CVE-2026-2092 Vulnerability in org.keycloak:keycloak-services (CVE-2026-2092)
vulnerability in org.keycloak:keycloak-services (CVE-2026-2092). Confidential information can be exposed externally.
CVE-2026-28500 Vulnerability in onnx (CVE-2026-28500)
vulnerability in onnx (CVE-2026-28500). Confidential information can be exposed externally. Mitigation: upgrade to `1.21.0rc1` or later.
CVE-2025-66376 KEV [KEV] Cross-Site Scripting (XSS) in Synacor zimbra-collaboration-suite-zcs (CVE-2025-66376)
cross-site scripting in Synacor zimbra-collaboration-suite-zcs (CVE-2025-66376). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2026-20963 KEV [KEV] Unsafe Deserialization in Microsoft sharepoint (CVE-2026-20963)
vulnerability in Microsoft sharepoint (CVE-2026-20963). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2026-32841 Vulnerability in edimax (CVE-2026-32841)
vulnerability in edimax (CVE-2026-32841). Successful exploitation can lead to full system takeover.
CVE-2026-32981 Path Traversal in ray (CVE-2026-32981)
path traversal in ray (CVE-2026-32981). Confidential information can be exposed externally. Mitigation: upgrade to `2.8.1` or later.
CVE-2026-30707 Vulnerability in csharp (CVE-2026-30707)
vulnerability in csharp (CVE-2026-30707). Confidential information can be exposed externally.
CVE-2026-3888 Vulnerability in privilege-escalation (CVE-2026-3888)
vulnerability in privilege-escalation (CVE-2026-3888). Successful exploitation can lead to full system takeover.
CVE-2026-4258 Vulnerability in bitwiseshiftleft (CVE-2026-4258)
vulnerability in bitwiseshiftleft (CVE-2026-4258). Confidential information can be exposed externally.
CVE-2026-0708 Out-of-Bounds Read in dos (CVE-2026-0708)
vulnerability in dos (CVE-2026-0708). Confidential information can be exposed externally. Exploitable via ``ucl_object_emit``.
CVE-2025-50881 Code Injection in CVE-2025-50881 (CVE-2025-50881)
code injection in CVE-2025-50881 (CVE-2025-50881). Successful exploitation can lead to full system takeover. Exploitable via ``action``.
CVE-2026-32759 Vulnerability in github.com/filebrowser/filebrowser/v2 (CVE-2026-32759)
vulnerability in github.com/filebrowser/filebrowser/v2 (CVE-2026-32759). Data can be tampered with by attackers. Exploitable via ``enableExec``. Mitigation: upgrade to `2.33.8` or later.
CVE-2026-3644 Vulnerability in CVE-2026-3644 (CVE-2026-3644)
vulnerability in CVE-2026-3644 (CVE-2026-3644). Data can be tampered with by attackers.
CVE-2026-28498 Vulnerability in authlib (CVE-2026-28498)
vulnerability in authlib (CVE-2026-28498). Data can be tampered with by attackers.
CVE-2026-23862 Dell ThinOS 10 versions prior to ThinOS 2602_10.0573, contain an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with local...
Dell ThinOS 10 versions prior to ThinOS 2602_10.0573, contain an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges.
CVE-2026-4276 Code Injection in librechat (CVE-2026-4276)
code injection in librechat (CVE-2026-4276). Data can be tampered with by attackers.
CVE-2026-3081 Vulnerability in gstreamer (CVE-2026-3081)
vulnerability in gstreamer (CVE-2026-3081). Successful exploitation can lead to full system takeover.
CVE-2026-3086 Out-of-Bounds Write in gstreamer (CVE-2026-3086)
out-of-bounds write in gstreamer (CVE-2026-3086). Successful exploitation can lead to full system takeover.
CVE-2026-3084 Vulnerability in gstreamer (CVE-2026-3084)
vulnerability in gstreamer (CVE-2026-3084). Successful exploitation can lead to full system takeover.
CVE-2026-4255 Vulnerability in thermalright (CVE-2026-4255)
vulnerability in thermalright (CVE-2026-4255). Successful exploitation can lead to full system takeover.
CVE-2026-3476 Code Injection in 3ds (CVE-2026-3476)
code injection in 3ds (CVE-2026-3476). Successful exploitation can lead to full system takeover.
CVE-2026-3082 Vulnerability in gstreamer (CVE-2026-3082)
vulnerability in gstreamer (CVE-2026-3082). Successful exploitation can lead to full system takeover.
CVE-2026-3085 Vulnerability in gstreamer (CVE-2026-3085)
vulnerability in gstreamer (CVE-2026-3085). Successful exploitation can lead to full system takeover.
CVE-2026-3083 Vulnerability in gstreamer (CVE-2026-3083)
vulnerability in gstreamer (CVE-2026-3083). Successful exploitation can lead to full system takeover.
CVE-2026-31386 OS Command Injection in litespeedtech (CVE-2026-31386)
OS command injection in litespeedtech (CVE-2026-31386). Successful exploitation can lead to full system takeover.
CVE-2026-2923 Out-of-Bounds Write in gstreamer (CVE-2026-2923)
out-of-bounds write in gstreamer (CVE-2026-2923). Successful exploitation can lead to full system takeover.
CVE-2026-2921 Vulnerability in gstreamer (CVE-2026-2921)
vulnerability in gstreamer (CVE-2026-2921). Successful exploitation can lead to full system takeover.
CVE-2026-2922 Out-of-Bounds Write in gstreamer (CVE-2026-2922)
out-of-bounds write in gstreamer (CVE-2026-2922). Successful exploitation can lead to full system takeover.
CVE-2026-2920 Vulnerability in gstreamer (CVE-2026-2920)
vulnerability in gstreamer (CVE-2026-2920). Successful exploitation can lead to full system takeover.
CVE-2026-25083 Vulnerability in CVE-2026-25083 (CVE-2026-25083)
vulnerability in CVE-2026-25083 (CVE-2026-25083). Confidential information can be exposed externally.
CVE-2025-14287 Code Injection in lfprojects (CVE-2025-14287)
code injection in lfprojects (CVE-2025-14287). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →